Paul's Security Weekly (Video)

Steve Lipner is the Executive Director of SAFECode, a non-profit organization dedicated to increasing trust in ICT products and services. He retired in 2015 as Partner Director of Software Security at Microsoft, where he was the creator and long-time leader of the Microsoft Security Development Lifecycle (SDL). Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode513 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Avast blocks the entire internet (again), over 120,000 cameras are vulnerable to a new botnet, WordPress malware, stronger authentication on government sites, and more security news! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode513 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Roi Abutbul and Guy Franco of Javelin Networks explain how to protect your active directory and deceive attackers in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode513 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Phishing attacks in Google Docs, GE fixes its Smart Grid, hackers remotely control robots, and who is publishing NSA and CIA secrets (and why)? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode512 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Ferruh Mavituna of Netsparker gives a demo on exploiting application vulnerabilities and second order attacks in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode512 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Javvad Malik is a Security Advocate at AlienVault, a blogger event speaker, and industry commentator. Prior to joining AlienVault, Javvad was a Senior Analyst at 451's Enterprise Security Practice (ESP), providing research, new product and go-to-market positioning, and M&A strategy for technology vendors, private equity firms, venture capitalists, and end users. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode512 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Mimi Herrmann is a Network Security Engineer based in the Washington, D.C. area. She is also a contributing author and peer reviewer for Taylor and Francis. Mimi has been in security for more than twenty years, possessing experience at companies like McAfee, Tenable, Capstone, and more. Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode511 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Advances in ad blocking, PGP hijacking, the lack of security talent in the healthcare industry, and more security news! Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode511 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Back by popular demand, Paul drops more conference security knowledge in this technical segment! Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode511 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Hacking SEIMs, hijacking routers, Oracle's recent path, the FBI can finally find hackers that don't smoke weed, and more security news! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode510 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Paul gives his top 10 tips on keeping your devices safe at hacker cons in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode510 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Phil Zimmermann is the creator of Pretty Good Privacy (PGP), the most widely used email encryption software in the world. Phil is also a Co-Founder of Silent Circle, a provider of secure communications services. Before founding PGP Inc, Phil was a software engineer with more than 20 years of experience, specializing in cryptography and data security, data communications, and real-time embedded systems. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode510 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Free health apps are selling your data, SAP's TREX exposes HANA and NetWeaver, Microsoft patches another Word bug, your phone PIN is at risk, and more in this week's security news! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode509 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Our very own Carlos Perez demonstrates the basics of WMI events and how to abuse them in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode509 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

We welcome Alex Horan back to the show! Alex is the Director of Product Management at Onapsis. He has experience in startup-based project management, meeting with customers, prospects, and analysts to determine best areas of development and effective at communicating the needs from those communities to engineering teams. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode509 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Android ransomware bypasses all AV programs, McAfee gets a fresh start, the CIA and WikiLeaks saga continues, and Wi-Fi sex toys are vulnerable (again) in this week's Security News! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode508 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Our very own Jeff Man made a trip to the IBM InterConnect Conference on behalf of Security Weekly. Learn about his experience in this segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode508 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Anna Manley is an internet and privacy lawyer based in Nova Scotia, Canada. She is the principal of Manley Law Inc. and founder of Advocate Cognitive Technologies Inc. She also writes a blog covering all things law and tech related. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode508 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

The CIA hacks Cisco, Trump extends an executive order on cybersecurity, ISP privacy rules are being repealed, and why was 2016 a record year for vulnerabilities? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode507 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Paul shows you how to use Raspberry Pi's Pi-hole to block ads and malware in the cloud in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode507 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Brad Antoniewicz works in Cisco Umbrella's security research group. He founded the NYC branch of Security BSides. Brad is also a contributing author to both the Hacking Exposed and Hacking Exposed: Wireless book series. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode507 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Paul lists the pros and cons of using Arlo wireless cameras to secure your home in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode506 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Online backups are a double-edged sword. They provide fast, easy backups with inexpensive storage; however, by being online, they are able to be targeted by attackers. Don Pezet of ITPro.TV shows us how to secure your online backups in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode506 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Ferruh Mavituna is the Founder and Product Manager of Netsparker. He developed the first and only proof-based web security scanner with vulnerability detection and exploitation features. Ferruh also worked for the Turkish Army and Police from 2002-2006. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode506 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

The origin of threat hunting, your microwave is spying on you, 10 must-read books for infosec professionals, and why is IR automation and orchestration so hot? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode505 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Brad Haines (aka Render Man) is security enthusiast with a focus on security threats of all sorts. He is the person your sysadmin warned you about. Brad spearheads the Internet of Dongs Project, an endeavor focusing on the security of internet-connected sex toys. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode505 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Andrew Whitaker is the Director of Global Services at Rapid7. He leads Rapid7's penetration testing services that help organizations around the world gain insight into real-world risk and remediation guidance. Andrew is a subject matter expert on computer hacking, an author of best-selling networking and security books, and an award-winning technical trainer. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode505 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Lots of news involving the CIA, Firefox 52 expands non-secure HTTP warnings, WiFi cameras are insecure, email is safer in Office 365, and who is joining the IoT Cybersecurity Alliance? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode504 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Keith Hoodlet works as an Engineer on the Customer Success team at Rapid7. He is currently rebooting the InfoSec Mentors Project, providing a platform for finding and connecting mentors and mentees, with co-founder Jimmy Vo. He is also an Organizing Committee member for BSides Boston. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode504 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Hyrum Anderson is the Technical Director for Data Science at Endgame. He received his PhD in Electrical Engineering from the University of Washington and BS/MS degrees from Brigham Young University. Hyrum also has prior experience at FireEye, Mandiant, Sandia National Laboratories, and MIT Lincoln Laboratory. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode504 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

The risks of using an Android password manager, another WordPress plugin is flawed, hidden backdoors, Cloudbleed gets triggered, and more in this week's security news! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode503#Security_News_-_7:30-8:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Our very own Doug White delivers a demonstration/rant about incident response and forensic reporting in this week's technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode503#Technical_Segment:_Incident_Response_.26_Forensic_Reporting_with_Doug_White_-_7:00-7:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Alan White is the Global Regions Consulting and Services Director for Dell SecureWorks, and is part of the US Army's Computer Emergency Research Team. Previously, Alan was the Director of Security and Risk Consulting for the Asia-Pacific-Japan region, responsible for managing incident response, forensics, technical testing and compliance services teams. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode503#Interview:_Alan_White.2C_Dell_SecureWorks.2FUS_Army_-_6:00PM-7:00PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Lawmakers prepare to overturn broadband privacy rules, Windows vulnerabilities await patches, new security technologies debut at RSA, and are Slack conversations really private? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode502#Security_News_-_7:30-8:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

This webcast, driven by John Strand, brings together some of Black Hills Information Security's best to discuss antivirus. David Fletcher shows us how to bypass Symantec in this technical segment! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode502#Tech_Segment:_David_Fletcher.2C_Symantec_-_7:00-7:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Don Pezet is no stranger to the Security Weekly network! In this episode, Don chats with Paul, Doug, Jeff, Joff, and Carlos about tactics, laws, and problems related to incident response. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode502#Interview:_Don_Pezet_-_6:00PM-7:00PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Drive-by exploits are about to become much worse, how to use Scuba to run a database vulnerability scan, more Patch Tuesday delays, and why is it that the more infosec changes, the more it stays the same? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode501#Security_News_-_7:30-8:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Carrie Roberts joined Black Hills InfoSec after working for HP's Global Cyber Security group, where she worked as a network penetration tester. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode501#Tech_Segment:_Slipping_Executables_Past_Firewalls_with_Carrie_Roberts.2C_Black_Hills_InfoSec_-_7:00-7:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

David Conrad is a long-time and active participant in Internet infrastructure, development, and operations. As the CTO of ICANN, David is at the heart the organization's mission to help maintain the security, resiliency, and stability of the global Internet. Prior to being named CTO, David held several different positions at ICANN, including Vice President of Infrastructure & Technology. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode501#Interview:_David_Conrad:_ICANN.2 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Paul has trapped everyone in a blizzard at G-Unit Studios in Rhode Island! They must talk about penetration testing or they will be penetra...well, never mind. Watch this segment to hear our panel of experts talk about penetration testing! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode500 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Paul and crew kick off the episode 500 festivities by hosting a roundtable discussion on the current state and future of IoT security! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode500 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

A patchwork quilt of IoT security, President Trump's cyber executive order, how Google fought a botnet (and won), and why didn't WordPress tell us about their recent zero-day? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode499#Security_News_-_7:30-8:30PM

Nathaniel "Q" Quist is an Incident Response Engineer at LogRhythm Labs. Q is actively focused on Active Defense countermeasures and methods to increase the defensive capabilities of various organizations. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode499#Tech_Segment:_Nathaniel_.22Q.22_Quist.2C_LogRhythm_-_7:00PM-7:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Katherine Teitler is the Director of Content for MISTI, where she is responsible for programming information security conferences, workshops, and summits. Previously, she served as Director of Content at IANS, where she built the research program for subscription clients. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode499#Interview:_Katherine_Teitler.2C_MISTI_-_6:00PM-7:00PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

President Trump is tweeting from an insecure phone, Asus gives Raspberry Pi a run for its money, how to use your heartbeat as a password, and can you revive an old laptop with a free OS? Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode498#Security_News_-_7:30-8:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Our very own Jeff Man attended HP Print Security Tech Day at HP's headquarters in Palo Alto, California. He documents his experience at HP and how their business model influences printer security, and developing technologies. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode498#Tech_Segment:_Jeff.27s_HP_Adventures_-_7:00PM-7:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Chris Kubecka is an experienced and certified IT security expert. In addition to curating the popular Security Evangelist blog, she also serves as a member of the Executive Steering Committee with the Cyber Senate. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode498#Interview:_Chris_Kubecka.2C_HypaSec_-_6:00PM-7:00PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

We discuss Chelsea Manning's commutation, Guccifer 2.0 resurfacing, the identity of the Mirai botnet creator, and more in this week's security news! Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode497#Security_News_-_7:30PM-8:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Bruce Potter is the Founder and an organizer of ShmooCon, a long-running, yearly hacker convention in Washington, D.C. He also serves as the CTO of KeyW Corporation and Ponte Technologies. Bruce talks about his security journey, and the political climate as it relates to cybersecurity. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode497#Interview:_Bruce_Potter.2C_Shmoocon_-_7:00PM-7:30PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly

Jason Blanchard is the Curriculum Marketing Manager of Penetration Testing for the SANS Institute. In addition to speaking at conventions like DerbyCon and BSides Orlando, he has served as the Social Media Manager for Warner Bros. and PR Manager for Diamond Comic Distributors. Full Show Notes: http://wiki.securityweekly.com/wiki/index.php/Episode497#Interview:_Jason_Blanchard.2C_SANS_-_6:00PM-7:00PM Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly